package com.itheima.demo;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
@RequestMapping("hello")
@PreAuthorize("hasRole('ROLE_ADMIN')")
public class HelloController {

    @RequestMapping("demo1")
    public String demo1(){

        System.out.println("demo1方法执行了");

        return "forward:/a.html";
    }

    @RequestMapping("demo2")
    public String demo2(){

        System.out.println("demo2方法执行了");

        return "redirect:/a.html";
    }

    /**
     * 在方法demo3.do时，登陆用户必须拥有add权限才能访问
     * @return
     */
    @PreAuthorize("hasAuthority('add')")
    @RequestMapping("demo3")
    public String demo3(){

        System.out.println("demo3方法执行了");

        return "redirect:/a.html";
    }

    /**
     * 在访问demo4.do时，当前用户必须拥有ROLE_ADMIN的角色才能访问demo4.do
     * @return
     */
    //@PreAuthorize("hasRole('ROLE_ADMIN')")
    @RequestMapping("demo4")
    public String demo4(){

        System.out.println("demo4方法执行了");

        return "redirect:/a.html";
    }
}
